package com.pug.autnorization.config.credentials;

import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @author RenGaoshuai
 * @date 2023/7/11 9:16
 * @description 客户端模式-security配置
 */
@Configuration
@Order(1)
public class SecurityConfig extends WebSecurityConfigurerAdapter {


    /**
     * 开启Spring Security的Web安全功能，所有资源必须经过授权才可以访问
     * anyRequest()任何请求，注意需要把它放到最后边
     * authenticated()所有请求都需要认证
     * antMatchers()需要放行的url
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //授权服务器任何请求都需要认证
        http.authorizeRequests().anyRequest().authenticated();
    }

}
